CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
CISA: organisaties opnieuw aangevallen via beveiligingslek in GeoServer
Organisaties zijn opnieuw aangevallen via een kwetsbaarheid in GeoServer, zo laat het Amerikaanse cyberagentschap CISA weten. Afgelopen september meldde het CISA nog dat een federale Amerikaanse overh ...
-
BleepingComputer
CISA orders feds to patch actively exploited Geoserver flaw
CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. In such attacks, an XML input containing a ref ...
-
0patch.com
Free Micropatches for Windows Remote Access Connection Manager DoS (0day)
During our investigation of CVE-2025-59230, a Windows Remote Access Connection Manager elevation of privilege vulnerability that was patched by Microsoft with October 2025 Windows updates, we found an ...
-
CybersecurityNews
Apache Struts 2 DoS Vulnerability Let Attackers Crash Server
A critical denial-of-service vulnerability has been discovered in Apache Struts 2, affecting multiple versions of the popular web application framework. The vulnerability, identified as CVE-2025-64775 ...
-
The Hacker News
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
Dec 12, 2025Ravie LakshmananSoftware Security / Vulnerability The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could res ...
-
The Hacker News
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
Dec 12, 2025Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerabil ...
-
CybersecurityNews
Windows Remote Access Connection Manager Vulnerabilities Let Attackers Escalate Privileges
Two critical privilege escalation flaws were disclosed in the Windows Remote Access Connection Manager on December 9, 2025. The vulnerabilities, tracked as CVE-2025-62472 and CVE-2025-62474, allow aut ...
-
The Cyber Express
Password Manager LastPass Penalized £1.2m by ICO for Security Failures
The Information Commissioner’s Office (ICO) has fined password manager provider LastPass UK Ltd £1.2 million following a 2022 data breach that compromised the personal information of up to 1.6 million ...
-
CybersecurityNews
CISA Warns of OSGeo GeoServer 0-Day Vulnerability Exploited in Attacks
An urgent warning about a critical security flaw in OSGeo GeoServer, a widely used open-source geographic data-sharing server. CISA has added the vulnerability to its Known Exploited Vulnerabilities ( ...
-
The Cyber Express
City of Cambridge Advises Password Reset After Nationwide CodeRED Data Breach
The City of Cambridge has released an important update regarding the OnSolve CodeRED emergency notifications system, also known locally as Cambridge’s reverse 911 system. The platform, widely used by ...